CVE-2025-24479
published 2025-01-28CVE-2025-24479: A Local Code Execution Vulnerability exists in the product and version listed above. The vulnerability is due to a default setting in Windows and allows access…
PriorityP341high8.6CVSS 4.0
AVLACLATNPRNUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
0.17%
7.1th percentile
A Local Code Execution Vulnerability exists in the product and version listed above. The vulnerability is due to a default setting in Windows and allows access to the Command Prompt as a higher privileged user.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| msrc | azl3_wireshark_4.4.7-1_on_azure_linux_3.0 | — | — |
| rockwell_automation | factorytalk_view_machine_edition | — | — |
CVSS provenance
nvdv4.08.6HIGHCVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vendor_msrc7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Rockwell Automation FactoryTalk
cisa_ics·2025-01-28·CVSS 8.6
[HIGH] Rockwell Automation FactoryTalk
ICS Advisory
##
Rockwell Automation FactoryTalk
Release DateJanuary 28, 2025
Alert CodeICSA-25-028-03
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Low attack complexity
- Vendor: Rockwell Automation
- Equipment: FactoryTalk
- Vulnerabilities: Incorrect Authorization, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to execute code on the device with elevated privileges.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of Rockwell Automation FactoryTalk View ME are affected:
- FactoryTalk View
Microsoft
A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. NOTE: this is disputed by the ve
vendor_msrc·2024-02-13·CVSS 7.5
CVE-2024-24479 [HIGH] CWE-120 A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. NOTE: this is disputed by the ve
A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more informati
GHSA
GHSA-5q2h-rcfj-xc9g: A Local Code Execution Vulnerability exists in the product and version listed above
ghsa_unreviewed·2025-01-28
CVE-2025-24479 [HIGH] CWE-863 GHSA-5q2h-rcfj-xc9g: A Local Code Execution Vulnerability exists in the product and version listed above
A Local Code Execution Vulnerability exists in the product and version listed above. The vulnerability is due to a default setting in Windows and allows access to the Command Prompt as a higher privileged user.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-01-28
Published